RealNews

'Microsoft' worm has 13-day timebomb

A new worm which pretends to have been sent by Microsoft technical support has started to appear in the wild. Palyh (pronounced Pale-H) is a basic worm which copies itself to the Windows system memory as MSCCN32.EXE, and spreads by mailing itself out to a host’s contacts and via corporate networks. The worm has the ability automatically to update itself from a remote web server, and install spyware on infected PCs. But it is also time locked to become inactive after 31 May. “We’ve had a lot of reports worldwide,” said Graham Cluley, virus consultant at Sophos. “It showed up around midnight and seemed to hit Australia and New Zealand hardest due to the time of release. “There’s a danger to home users who might not be blocking attachments, and for companies which only scan emails and don’t monitor network shares.” Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.